-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent sending emails and notifications to inactive users #2384
Prevent sending emails and notifications to inactive users #2384
Conversation
models/issue_mail.go
Outdated
if err != nil { | ||
return fmt.Errorf("GetUserByID [%d]: %v", issue.PosterID, err) | ||
} | ||
if issue.PosterID != doer.ID && poster.IsActive == true { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do not check booleans with ==
do just simple && poster.IsActive {
. Should there be also check for && !poster.ProhibitLogin
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes you are right. Will fix that.
models/migrations/v39.go
Outdated
) | ||
|
||
func addDefaultValueToUserProhibitLogin(x *xorm.Engine) (err error) { | ||
// Update user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do not load data in go code. Just update with condition where prohibid_login is null
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried but there was an issue with one database.
Was complaining about not finding anything while updating because I had no user with null
in database.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested it again with your proposed change.
It is working now, maybe I had a problem somewhere else ;-)
models/user.go
Outdated
@@ -111,7 +111,7 @@ type User struct { | |||
AllowGitHook bool | |||
AllowImportLocal bool // Allow migrate repository by local path | |||
AllowCreateOrganization bool `xorm:"DEFAULT true"` | |||
ProhibitLogin bool | |||
ProhibitLogin bool `xorm:"DEFAULT false"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also add notnull
here
return watches, e.Find(&watches, &Watch{RepoID: repoID}) | ||
return watches, e.Where("`watch`.repo_id=?", repoID). | ||
And("`user`.is_active=?", true). | ||
And("`user`.prohibit_login=?", false). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think user who is prohibit_login
will be moved from watchers UI.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The method is also used in
Line 104 in f61a1d2
watches, err := getWatchers(e, issue.RepoID) |
Perhaps I should add a second method or a parameter to add restriction conditionally?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, add additional parameter to function to know in to return all as it was or just active ones
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lunny @lafriks I figured out that the view isn't using this method anyways. The view is using the method from here https://github.com/daviian/gitea/blob/e3f679f39da7985193cec28a7c21fbc16ab2310d/models/repo_watch.go#L67
The method in question is only used by notification and mail
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lunny Any response?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@daviian OK.
models/issue.go
Outdated
And("`comment`.type = ?", CommentTypeComment). | ||
And("`user`.is_active = ?", true). | ||
And("`user`.prohibit_login = ?", false). | ||
Join("LEFT", "user", "`user`.id = `comment`.poster_id"). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure why we're doing a left join here. If the goal is to include comments that don't have a "valid" poster (e.g. deleted user), I don't think this will work; for those comments the user.is_active
column will be NULL, and the user.is_active = true
condition won't hold. And if we don't want to include such comments, why not just do an inner join?
Ditto elsewhere
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ethantkoenig good point, I also think it should be changed to INNER join
I will implement the requested changes this week, in the best case this evening. |
e3f679f
to
4c0d946
Compare
@daviian have you fixed all points? |
@lunny I have changed the joins to |
LGTM |
models/issue.go
Outdated
@@ -1209,7 +1209,10 @@ func GetParticipantsByIssueID(issueID int64) ([]*User, error) { | |||
userIDs := make([]int64, 0, 5) | |||
if err := x.Table("comment").Cols("poster_id"). | |||
Where("issue_id = ?", issueID). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't this really be?
Where("`comment`.issue_id = ?", issue).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since issue_id
is a unique attribute in this join it is valid sql, but I can add it for the sake of clarity.
models/issue_watch.go
Outdated
@@ -91,6 +91,9 @@ func GetIssueWatchers(issueID int64) ([]*IssueWatch, error) { | |||
func getIssueWatchers(e Engine, issueID int64) (watches []*IssueWatch, err error) { | |||
err = e. | |||
Where("issue_id = ?", issueID). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here, should have watch.issue_id
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As mentioned in the other comment, I can add it for the sake of clarity, but it wouldn't be necessary.
c00221a
to
4f36800
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One minor thing though
models/migrations/v40.go
Outdated
_, err = x.Exec("ALTER TABLE \"user\" ALTER COLUMN `prohibit_login` SET NOT NULL, ALTER COLUMN `prohibit_login` SET DEFAULT false") | ||
case "mssql": | ||
// xorm already set DEFAULT 0 for data type BIT in mssql | ||
_, err = x.Exec("ALTER TABLE [user] ALTER COLUMN \"prohibit_login\" BIT NOT NULL") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
_, err = x.Exec(`ALTER TABLE [user] ALTER COLUMN "prohibit_login" BIT NOT NULL`)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can I ask why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No you can't :P I think bkcsoft asked that just for readability to not have to use backslashes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So it should be changed in the other statements too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would say no, because the other statements contain backticks
acc426a
to
ced11bd
Compare
Codecov Report
@@ Coverage Diff @@
## master #2384 +/- ##
==========================================
- Coverage 27.7% 27.59% -0.12%
==========================================
Files 83 83
Lines 16914 16928 +14
==========================================
- Hits 4686 4671 -15
- Misses 11553 11581 +28
- Partials 675 676 +1
Continue to review full report at Codecov.
|
@bkcsoft need your approval |
…ications Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
f0092d9
to
fdc0f6c
Compare
Rebased with current master |
if err != nil { | ||
return fmt.Errorf("GetUserByID [%d]: %v", issue.PosterID, err) | ||
} | ||
if issue.PosterID != doer.ID && poster.IsActive && !poster.ProhibitLogin { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
missing testing in this patch?.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@appleboy what do you mean?
LGTM |
Targets #2034
Added checks if user is inactive (
is_active = false
orprohibit_login = true
) before creating notifications and sending mails.Furthermore I added
NOT NULL DEFAULT false
toprohibit_login
field.Changed unit tests accordingly and added a migration, which I tested for mssql, mysql and postgresql.